Re: [Samba] idmap_ad partially stopped working after upgrading Samba from 3.4.3 to 3.6.3
On 14 May 2012 18:58, David Disseldorp dd...@suse.de wrote: Hi Javier, On Mon, 14 May 2012 17:48:09 +0200 Javier Conti javier.co...@gmail.com wrote: upgrading from SLES11 SP1 to SLES11 SP2, I upgraded Samba from 3.4.3 to 3.6.3. I was successfully using idmap_ad to authenticate users but after the upgrade it stopped working and users are not seen by the OS. Obviously the users I want to see on the Linux server have all RFC2307 attributes populated and are seen by all other SLES11 SP1 servers. I checked everything (I know) from the Samba point of view, and it almost seems ok, but wbinfo -i fails as follows: # wbinfo -i myuser failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND Could not get info for user myuser Thanks for your report. As this version of Samba is vendor supported, I'd encourage you to raise this issue at bugzilla.novell.com. Do you also encounter this error with winbind use default domain = no configured, running wbinfo -i MYDOMAIN\\myuser? Hi David, as you suggested, I filed a bug there. I also tried configuring winbind use default domain = no but all the symptoms seems the same (I obviously restarted winbindd). Thanks, Javier Cheers, David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba home folder share
i did it :D. Thank God but i didn't used ACL since things are not that complicated in my office. Thanks mate. if you find any security mistake or something please share. [ProfileShare] comment = Roaming Profile Share path = /nas/users/%D/%U valid users = %U read only = No guest ok = No browseable = yes root preexec = /scripts/smbmkdir.sh %D %U create mask = 4770 directory mask = 4770 # map acl inherit = Yes # profile acls = Yes store dos attributes = Yes map archive = No map system = No map hidden = No map readonly = no smbmkdir.sh #!/bin/bash if [ ! -e /nas/users/$1/$2 ]; then mkdir -p /nas/users/$1/$2 chown $2:admin-grp /nas/users/$1/$2 chmod 4770 /nas/users/$1/$2 fi exit 0 On Mon, May 14, 2012 at 7:04 PM, Jorell jore...@fastmail.net wrote: On 5/14/2012 6:42 AM, Muhammad Yousuf Khan wrote: On Sun, May 13, 2012 at 9:38 PM, Jorelljore...@fastmail.net wrote: On 5/10/2012 11:19 PM, Muhammad Yousuf Khan wrote: i am u sing AD integrated Samba with winbind,I need to share a samba home folder for every single user in my Active directory. since i dont wanna create every user's directory i want samba to manage it. however i dont wanna place the home folders on default path as the boot drive (/dev/sda) is very small to store the data, beside that, i do have storage /nas/users which is a mount point of my raid array. so specifically every user's home folder should be created on /nas/users and this is my home share details in samba. [homes] comment = Home Directories browseable = yes writeable = yes create mask = 0700 directory mask = 0700 valid users = %S after sharing i can see two folders on the samba share 1. admin (which is my valid user and i was expecting this) 2. home ( this is some thing making me confuse, it shouldn't suppose to be there ) however, when i click on both folders it gives me an error you might not have permission to use this network resource .. Blah blah blah[global] workgroup = realm = .COM netbios name = nasbox server string = %h server security = ADS obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supd$ unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No panic action = /usr/share/samba/panic-action %d idmap uid = 1-2 idmap gid = 1-2 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes . further, all other shares are working fine. here is my samba global. Thanks here is what I use in my conf [ProfileShare] ... root preexec = /root/pdc/smbmkhomedir.sh %D %U ... smbmkhomedir.sh #!/bin/bash if [ ! -e /home/$1/$2 ]; then mkdir -p /home/$1/$2 chown $2:Domain Users /home/$1/$2 chmod 4711 /home/$1/$2 setfacl --set=d:u::rwx,d:g::--x,d:o::---,d:u:$2:rwx,d:g:'domain users':--x /home/$1/$2 fi exit 0 can you please share a bit more [global] ? [profileshare] ? that would be very helpful. Thank you, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba On my partition it mounts with acl,user_xattr [global] workgroup = MIDEARTH netbios name = FRODO realm = MIDEARTH.REALM server string = %D server (samba %v) security = ADS map to guest = Bad User encrypt passwords = Yes lanman auth = No ntlm auth = No client NTLMv2 auth = Yes printcap name = cups printing = cups disable spoolss = No show add printer wizard = No log file = /var/log/samba/log.%m max log size = 512 syslog = 0 map archive = No map system = No map hidden = No map readonly = No store dos attributes = Yes winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes idmap backend = tdb idmap uid = 1-1 idmap gid = 1-1 idmap config MIDEARTH : backend = ad idmap config MIDEARTH : range = 2-2 [ProfileShare] comment = Roaming Profile Share path = /home/%D/%U valid users = %U read only = No guest ok = No browseable = No root preexec = /root/pdc/smbmkhomedir.sh %D %U create mask = 4711 directory mask = 4711 map acl inherit = Yes profile acls = Yes store dos attributes = Yes map archive = No map system = No map hidden = No map readonly = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] cross-compile samba4
Hi All, Are there any good, up-to-date hints out there for cross compiling Samba4 for Arm? I've looked at http://wiki.samba.org/index.php/Waf#cross-compiling but the info is a little dated it appears. I'm looking to build for the dreamplug and based on the info on the wiki I've installed qemu and an arm toolchain but 'cross-execute' appears to be ignored. At least that's what it looks like to me. The 'config' step fails complaining it can't find the python libraries but I suspect the process is failing to run the created arm code. Of course I could be way off of base with my assumtions. Maybe I'd be better off not using waf? Either way, any hints on cross-compiling samba4 greatly appreciated. Cheers, Mike. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4.17 -Solaris10_U10- make- Fatal error with talloc
Hi, This is Prabu. I am trying to compile samba on Solaris 10_U10. I have posted the same in bugzilla. https://bugzilla.samba.org/show_bug.cgi?id=8939 User requirement is to compile samba 3.4.17 to support their application. 3.4.17 is working on Solaris 9 and Solaris 10_U5. But not on Solaris 10_U10. ./configure and make gives error related to talloc. I have set the PKG_CONFIG_PATH. It is not picking up from it. I have attached config.log in the bug. Let me know if you need further info from me. Please help me to fix this issue. bash-3.2# more config.err Package talloc was not found in the pkg-config search path. Perhaps you should add the directory containing `talloc.pc' to the PKG_CONFIG_PATH environment variable No package 'talloc' found bash-3.2# echo $PKG_CONFIG_PATH /usr/local/lib/pkgconfig/ bash-3.2# ls -ld /usr/local/lib/pkgconfig/talloc.pc -rw-r--r-- 1 root root 298 May 12 23:22 /usr/local/lib/pkgconfig/talloc.pc Thanks and Regards, Prabu PM Managed Hosting - Private Cloud Infrastructure Group - UNIX EMC² Data Storage Systems (India) Pvt. Ltd, Bangalore, India. *+91 80 67377875 | Extn: 785 7875 * prabu.muru...@emc.com | Group Email: pcig_bangalore_services_managed_host...@emc.com Success consists of going from failure to failure without loss of enthusiasm. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.4.17 -Solaris10_U10- make- Fatal error with talloc
Solaris 10 patches include samba. On Solaris 10 sparc 119757-21 (3.5.10) or 119757-22 (3.6.4) On Solaris 10 x86 119758-21 (3.5.10) or 119758-22 (3.6.4) A lot easier than compiling from scratch. Make sure you set LD_LIBRARY_PATH. If using GCC to compile you may also need to set compiler and linker flags eg. CPPFLAGS=-I /usr/local/include -I/usr/local/ssl/include -I/usr/include. LDFLAGS=-L/usr/local/lib -R/usr/local/lib GCC on Solaris 10 (whether from Sun or sunfreeware.com) uses Sun make, not gnu make.That causes problems with compiling some things like samba. You may have better luck using sun studio CC and dmake. On 05/14/12 22:38, prabu.muru...@emc.com wrote: Hi, This is Prabu. I am trying to compile samba on Solaris 10_U10. I have posted the same in bugzilla. https://bugzilla.samba.org/show_bug.cgi?id=8939 User requirement is to compile samba 3.4.17 to support their application. 3.4.17 is working on Solaris 9 and Solaris 10_U5. But not on Solaris 10_U10. ./configure and make gives error related to talloc. I have set the PKG_CONFIG_PATH. It is not picking up from it. I have attached config.log in the bug. Let me know if you need further info from me. Please help me to fix this issue. bash-3.2# more config.err Package talloc was not found in the pkg-config search path. Perhaps you should add the directory containing `talloc.pc' to the PKG_CONFIG_PATH environment variable No package 'talloc' found bash-3.2# echo $PKG_CONFIG_PATH /usr/local/lib/pkgconfig/ bash-3.2# ls -ld /usr/local/lib/pkgconfig/talloc.pc -rw-r--r-- 1 root root 298 May 12 23:22 /usr/local/lib/pkgconfig/talloc.pc Thanks and Regards, Prabu PM Managed Hosting - Private Cloud Infrastructure Group - UNIX EMC² Data Storage Systems (India) Pvt. Ltd, Bangalore, India. *+91 80 67377875 | Extn: 785 7875 * prabu.muru...@emc.com | Group Email: pcig_bangalore_services_managed_host...@emc.com Success consists of going from failure to failure without loss of enthusiasm. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Mac to windows File name conversion
Hi All, How Samba handles invalid characters like '/' while transferring file from Mac to Windows? When I tested with '/' it got converted to unicode F022 in windows. How is it happening? Regards, Roy Mathew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Mac to windows File name conversion
On Tue, May 15, 2012 at 07:05:02PM +0530, Roy Mathew wrote: Hi All, How Samba handles invalid characters like '/' while transferring file from Mac to Windows? When I tested with '/' it got converted to unicode F022 in windows. How is it happening? Last time I tested it was Finder magic. And it differed between Finder and Terminal. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen http://www.sernet.de, mailto:kont...@sernet.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Need secure version of samba for RHEL5 server.
Hello. I'm in need of a samba version that is secure. I updated from 3.0 to 3.5. When the security problem showed up in 3.5, it really threw a wrench into our secure (air-gapped) scanning. (CVE-2012-2111). The 3.5 rpm was a smooth install. It was a samba3x and it worked great. But now I can't locate one that is a 3.6 with the security issue fixed. I want to do a clean install, not a patch. Would someone point me to one? (kerberized, AD join) Much appreciated! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Backup
Hello list, I have to change the PC where run my samba4 as PDC, the cause is that this PC will change all hardware, if i copy the /usr/local/samba to new pc everything work succeful? or I must make other change? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Need secure version of samba for RHEL5 server.
But now I can't locate one that is a 3.6 with the security issue fixed. I want to do a clean install, not a patch. ftp://ftp.sernet.de/pub/samba/3.6/centos/5/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] idmap_ad partially stopped working after upgrading Samba from 3.4.3 to 3.6.3
On 05/15/2012 1:12 AM, Javier Conti wrote: On 14 May 2012 18:58, David Disseldorpdd...@suse.de wrote: Hi Javier, On Mon, 14 May 2012 17:48:09 +0200 Javier Contijavier.co...@gmail.com wrote: upgrading from SLES11 SP1 to SLES11 SP2, I upgraded Samba from 3.4.3 to 3.6.3. I was successfully using idmap_ad to authenticate users but after the upgrade it stopped working and users are not seen by the OS. Obviously the users I want to see on the Linux server have all RFC2307 attributes populated and are seen by all other SLES11 SP1 servers. I checked everything (I know) from the Samba point of view, and it almost seems ok, but wbinfo -i fails as follows: # wbinfo -i myuser failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND Could not get info for user myuser Thanks for your report. As this version of Samba is vendor supported, I'd encourage you to raise this issue at bugzilla.novell.com. Do you also encounter this error with winbind use default domain = no configured, running wbinfo -i MYDOMAIN\\myuser? Hi David, as you suggested, I filed a bug there. I also tried configuring winbind use default domain = no but all the symptoms seems the same (I obviously restarted winbindd). Thanks, Javier Cheers, David Javier, It is possible that you are seeing this: https://bugzilla.samba.org/show_bug.cgi?id=8676 I can confirm that it is still present in 3.6.5. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Backup
You can copy /usr/local/samba/private and /usr/local/samba/etc directories to the new machine with the new samba compiled install. You will also need to rsync /usr/local/samba/var/locks/sysvol to the new machine but you need to do this with ntacl support using rsync I have found works as it is provisioned with specific permissions and it's a bitch to get them back to normal.. That being said samba ships with a backup script /usr/local/src/samba-master/source4/scripting/bin/samba_backup .. you can tailor for your environment.. I stopped it from backing up the sysvol as it wasn't backing up the ntacls.. On 05/15/2012 02:50 PM, sandy.napo...@eccmg.cupet.cu wrote: Hello list, I have to change the PC where run my samba4 as PDC, the cause is that this PC will change all hardware, if i copy the /usr/local/samba to new pc everything work succeful? or I must make other change? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] idmap_ad partially stopped working after upgrading Samba from 3.4.3 to 3.6.3
Hi Javier, Javier Conti wrote: Dear list, upgrading from SLES11 SP1 to SLES11 SP2, I upgraded Samba from 3.4.3 to 3.6.3. I was successfully using idmap_ad to authenticate users but after the upgrade it stopped working and users are not seen by the OS. Obviously the users I want to see on the Linux server have all RFC2307 attributes populated and are seen by all other SLES11 SP1 servers. Although I tried many changes to the config, according to some hints found on the web, this is what I was using with Samba 3.4.3: [global] workgroup = MYDOMAIN realm = MYREALM security = ADS idmap backend = idmap_ad idmap uid = 64000 - 64999 idmap gid = 64000 - 64999 idmap config MYDOMAIN : default = yes idmap config MYDOMAIN : backend = ad idmap config MYDOMAIN : range = 1000-5 idmap config MYDOMAIN : schema_mode = rfc2307 winbind use default domain = yes winbind nss info = rfc2307 winbind offline logon = yes winbind refresh tickets = yes [...] Any hints on what has changed with Samba 3.6.3 and/or what to change to adapt the configuration to 3.6.3 (if necessary)? Some comments: The above config makes no real sense for me, neither for 3.4 nor for 3.6: * The parameter idmap config DOMAIN : default = yes/no has been removed in samba 3.3. It only existed from 3.0.25 to 3.2. (http://www.samba.org/samba/history/samba-3.3.0.html) * You are using the backend ad (or idmap_ad which is a deprecated synonym) both in idmap config MYDOMAIN : backend and in idmap backend. Both with different ranges. This does not seem to make sense to me. It is necessary to specify a writable backend for the catch all default idmap configuration, e.g. tdb or ldap. In 3.6, the idmap backend has been replaced by idmap config * : backend, etc. A valid config for 3.4 would be: ~ [global] workgroup = MYDOMAIN idmap backend = tdb idmap uid = x-y idmap gid = x-y idmap config MYDOMAIN : backend = ad idmap config MYDOMAIN : range = 1000-5 idmap config MYDOMAIN : schema mode = rfc2370 ~ The corresponding for 3.6: ~ [global] workgroup = MYDOMAIN idmap config * : backend = tdb idmap config * : range = x-y idmap config MYDOMAIN : backend = ad idmap config MYDOMAIN : range = 1000-5 idmap config MYDOMAIN : schema mode = rfc2370 ~ I checked everything (I know) from the Samba point of view, and it almost seems ok, but wbinfo -i fails as follows: # wbinfo -i myuser failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND Could not get info for user myuser Using the same user, for example, I can do: # wbinfo -n myuser S-1-5-21-828208052-1092558876-1846952604-22794 SID_USER (1) # wbinfo -n Domain Users S-1-5-21-828208052-1092558876-1846952604-513 SID_DOM_GROUP (2) # wbinfo -s S-1-5-21-828208052-1092558876-1846952604-22794 MYDOMAIN\myuser 1 # wbinfo -s S-1-5-21-828208052-1092558876-1846952604-513 MYDOMAIN\Domain Users # net -Uadminuser user info myuser |head Enter adminuser's password: domain users [...] # net -Uadminuser ads user |grep myuser Enter adminuser's password: myuser Obviously, id(1) and getent(1) fail. What I get is: [2012/05/14 16:50:47.958484, 6] winbindd/winbindd.c:792(new_connection) accepted socket 25 [2012/05/14 16:50:47.958604, 10] winbindd/winbindd.c:642(process_request) process_request: request fn INTERFACE_VERSION [2012/05/14 16:50:47.958644, 3] winbindd/winbindd_misc.c:384(winbindd_interface_version) [ 5756]: request interface version [2012/05/14 16:50:47.958705, 10] winbindd/winbindd.c:738(winbind_client_response_written) winbind_client_response_written[5756:INTERFACE_VERSION]: delivered response to client [2012/05/14 16:50:47.958771, 10] winbindd/winbindd.c:642(process_request) process_request: request fn WINBINDD_PRIV_PIPE_DIR [2012/05/14 16:50:47.958808, 3] winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir) [ 5756]: request location of privileged pipe [2012/05/14 16:50:47.958870, 10] winbindd/winbindd.c:738(winbind_client_response_written) winbind_client_response_written[5756:WINBINDD_PRIV_PIPE_DIR]: delivered response to client [2012/05/14 16:50:47.958939, 6] winbindd/winbindd.c:792(new_connection) accepted socket 26 [2012/05/14 16:50:47.958995, 6] winbindd/winbindd.c:840(winbind_client_request_read) closing socket 25, client exited [2012/05/14 16:50:47.959058, 10] winbindd/winbindd.c:615(process_request) process_request: Handling async request 5756:GETPWNAM [2012/05/14 16:50:47.959097, 3]
[Samba] would like to use samba3 pdc, no ldap account backend db, but use ldap for authN
I'd like to: 1) use samba3 as a PDC, and 2) not use LDAP as the account backend database, and 3) specify samba to use but use encrypt passwords = true, and 4) use an ldap server as the authentication source for samba. Is that possible? I'd assumed it would be given that samba is pam-aware, and I can tell pam to use ldap for authN. However, the man page for smb.conf seems to say no, as it says that obey pam restrictions = true will be ignored when encrypt password is set to true. Am I understanding this correctly? Is there a work-around? I don't want to add the samba schema to my existing ldap server, but I do want to use my existing ldap server for authN. Thanks, -- Jon Detert Sr. Systems Administrator Infinity Healthcare Milwaukee, Wisconsin 414-290-6759 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 for AD using existing LDAP, Kerberos, and Bind Setup.
We run Apple's OD to support our Linux, Mac, and Windows clients and servers. We are under pressure to use AD because more and more software coming out for Windows requires it. We don't want to use AD, so Samba4 looks good. However, we don't want to pull apart our directory to implement samba4. Is there a way to get Samba 4 running so that it is able to use the existing LDAP and Kerberos set up for user info and user auth look up, still support Windows clients with AD, and still use our existing bind for general host look ups, but use samba4's own internal DNS for AD stuff? Cheers, David. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind stop working
Lowering idmap cache time from default 604800 to 900 did not helped... Something different here. -- View this message in context: http://samba.2283325.n4.nabble.com/winbind-stop-working-tp4597615p4631620.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 for AD using existing LDAP, Kerberos, and Bind Setup.
On 2012-05-16 04:28, David Minard wrote: We run Apple's OD to support our Linux, Mac, and Windows clients and servers. We are under pressure to use AD because more and more software coming out for Windows requires it. We don't want to use AD, so Samba4 looks good. However, we don't want to pull apart our directory to implement samba4. Is there a way to get Samba 4 running so that it is able to use the existing LDAP and Kerberos set up for user info and user auth look up, still support Windows clients with AD, and still use our existing bind for general host look ups, but use samba4's own internal DNS for AD stuff? Cheers, David. If Apples solution is based on Samba3 (I have no personal experience with it). You would probably need two domains: the existing one and a new Samba4 one. Then set up a cross-domain trust between. Then join your windows boxes to the Samba4 domain. Regards Geza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8588d10 s4:ntvfs/smb2: remove misleading comment regarding security=server via 12ce84f s4:ntvfs/cifs: remove misleading comment regarding security=server via 7cb4acd s4:auth: remove unused auth_server.c via 413e1be s3:auth: remove unused auth_server.c via 0239f68 docs-xml: remove documentation of SECURITY = SERVER via b4abd3f s3-auth: remove security=server (depricated since 3.6) via 053fcfe s4:param/tests: remove security=server test via f67cb32 selftest: Remove tests for security=server from 747e539 samba-upgradedns: Use the correct magic incantation of sys.path.insert() http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8588d1086142cebcf8734fcd0773f99e8825c87b Author: Stefan Metzmacher me...@samba.org Date: Sat May 12 12:53:34 2012 +0200 s4:ntvfs/smb2: remove misleading comment regarding security=server metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue May 15 10:12:53 CEST 2012 on sn-devel-104 commit 12ce84f0cf8b2658cf4067dd5189624bdee4bde7 Author: Stefan Metzmacher me...@samba.org Date: Sat May 12 12:53:34 2012 +0200 s4:ntvfs/cifs: remove misleading comment regarding security=server metze commit 7cb4acd5dd1825e157e00e0e8babd674b494375a Author: Stefan Metzmacher me...@samba.org Date: Sat May 12 12:01:18 2012 +0200 s4:auth: remove unused auth_server.c metze commit 413e1be7739003696fd903dd80d1ead5275fe74c Author: Stefan Metzmacher me...@samba.org Date: Sat May 12 12:01:03 2012 +0200 s3:auth: remove unused auth_server.c metze commit 0239f680a79ec41ecff97eea38687eccad2b5894 Author: Stefan Metzmacher me...@samba.org Date: Sat May 12 12:00:32 2012 +0200 docs-xml: remove documentation of SECURITY = SERVER metze commit b4abd3faaf3bdcbcd24fed8325960ccdee43bea9 Author: Stefan Metzmacher me...@samba.org Date: Sat May 12 12:00:00 2012 +0200 s3-auth: remove security=server (depricated since 3.6) security=server has a lot of problems in the world with modern security (ntlmv2 and krb5). It was also not very reliable, as it needed a stable connection to the password server for the lifetime of the whole client connection! Please use security=domain or security=ads is you authentication against remote servers (domain controllers). metze -- / \ / REST \ /IN\ / PEACE\ / \ | SEC_SERVER | |security=server | | | | | | 12 May | | | |2012 | *| * * * | * _)/\\_//(\/(/\)/\//\/\///|_)___ commit 053fcfef0fa680e2443a07933973f0f21624c336 Author: Stefan Metzmacher me...@samba.org Date: Sat May 12 11:14:17 2012 +0200 s4:param/tests: remove security=server test metze commit f67cb32b51a77dd0ebf63d9469a99f9359cb1e54 Author: Andrew Bartlett abart...@samba.org Date: Tue May 15 09:43:03 2012 +1000 selftest: Remove tests for security=server Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: docs-xml/smbdotconf/security/security.xml | 32 -- lib/param/loadparm_server_role.c |9 +- lib/param/param_enums.c |1 - libds/common/roles.h | 19 +- selftest/target/Samba.pm |1 - selftest/target/Samba3.pm | 40 --- source3/Makefile.in |5 - source3/auth/auth.c |6 - source3/auth/auth_server.c| 487 - source3/auth/proto.h |4 - source3/auth/wscript_build|9 - source3/configure.in |2 - source3/param/loadparm.c |4 - source3/selftest/tests.py |5 +- source3/utils/testparm.c |6 +- source3/wscript |2 +- source4/auth/ntlm/auth_server.c | 237 -- source4/auth/ntlm/wscript_build |8 - source4/ntvfs/cifs/vfs_cifs.c |1 - source4/ntvfs/smb2/vfs_smb2.c |1 - source4/param/tests/loadparm.c| 10 - 21 files changed, 22 insertions(+), 867 deletions(-) delete mode 100644
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via a66865d Use ENC_ values for proto_tree_add_item() calls.
from 8588d10 s4:ntvfs/smb2: remove misleading comment regarding
security=server
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit a66865dd287073f21ce279d52450582ea290c7df
Author: Guy Harris g...@alum.mit.edu
Date: Tue May 15 09:49:53 2012 +0200
Use ENC_ values for proto_tree_add_item() calls.
It appears that the integral value containing the bits in a bitmap should be
dissected according to the data representation, as the individual fields are
fetched by dissect_ndr_XXX, which is passed the data representation and
extracts the value appropriately for the data representation, so the patch
replaces TRUE (which meant always little-endian when the last argument to
proto_tree_add_item() was a byte-order Boolean) with DREP_ENC_INTEGER(drep)
(which means ENC_BIG_ENDIAN or ENC_LITTLE_ENDIAN, depending on the data
representation).
For structures, I'm just using ENC_NA.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8942
Signed-off-by: Jelmer Vernooij jel...@samba.org
Autobuild-User: Jelmer Vernooij jel...@samba.org
Autobuild-Date: Tue May 15 12:07:06 CEST 2012 on sn-devel-104
---
Summary of changes:
pidl/lib/Parse/Pidl/Wireshark/NDR.pm |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
index 46c9850..1aa44c3 100644
--- a/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
+++ b/pidl/lib/Parse/Pidl/Wireshark/NDR.pm
@@ -215,7 +215,7 @@ sub Bitmap()
$self-pidl_code(if (parent_tree) {);
$self-indent;
- $self-pidl_code(item = proto_tree_add_item(parent_tree, hf_index,
tvb, offset, $e-{ALIGN}, TRUE););
+ $self-pidl_code(item = proto_tree_add_item(parent_tree, hf_index,
tvb, offset, $e-{ALIGN}, DREP_ENC_INTEGER(drep)););
$self-pidl_code(tree =
proto_item_add_subtree(item,ett_$ifname\_$name););
$self-deindent;
$self-pidl_code(}\n);
@@ -648,7 +648,7 @@ sub Struct()
$self-pidl_code();
$self-pidl_code(if (parent_tree) {);
$self-indent;
- $self-pidl_code(item = proto_tree_add_item(parent_tree, hf_index,
tvb, offset, -1, TRUE););
+ $self-pidl_code(item = proto_tree_add_item(parent_tree, hf_index,
tvb, offset, -1, ENC_NA););
$self-pidl_code(tree = proto_item_add_subtree(item,
ett_$ifname\_$name););
$self-deindent;
$self-pidl_code(});
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 78af473 s3-auth: Rename to init_system_session_info().
via caaebb4 s3-auth: Don't lookup the system user in pdb.
from a66865d Use ENC_ values for proto_tree_add_item() calls.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 78af4738e7bd6f73469dd990d0f444a04afbc709
Author: Andreas Schneider a...@samba.org
Date: Mon May 14 10:37:59 2012 +0200
s3-auth: Rename to init_system_session_info().
Autobuild-User: Andreas Schneider a...@cryptomilk.org
Autobuild-Date: Tue May 15 13:56:00 CEST 2012 on sn-devel-104
commit caaebb455cf955f66c2f662c53998c480cb2d6c9
Author: Andreas Schneider a...@samba.org
Date: Mon May 14 10:31:32 2012 +0200
s3-auth: Don't lookup the system user in pdb.
This fixes bug #8944, ldapsam:trusted and ipasam. It is an additional
fix for bug #8567 (0528cb5f3a15b72dcb34ece21a3ffb3e7b8d6eb9).
---
Summary of changes:
source3/auth/auth_util.c| 101 --
source3/auth/proto.h|2 +-
source3/smbd/server.c |2 +-
source3/winbindd/winbindd.c |2 +-
4 files changed, 99 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 6075232..f270ccd 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -771,6 +771,44 @@ NTSTATUS make_server_info_pw(struct
auth_serversupplied_info **server_info,
return NT_STATUS_OK;
}
+static NTSTATUS get_system_info3(TALLOC_CTX *mem_ctx,
+struct passwd *pwd,
+struct netr_SamInfo3 *info3)
+{
+ struct dom_sid domain_sid;
+ const char *tmp;
+
+ /* Set account name */
+ tmp = talloc_strdup(mem_ctx, pwd-pw_name);
+ if (tmp == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ init_lsa_String(info3-base.account_name, tmp);
+
+ /* Set domain name */
+ tmp = talloc_strdup(mem_ctx, get_global_sam_name());
+ if (tmp == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ init_lsa_StringLarge(info3-base.logon_domain, tmp);
+
+ /* Domain sid */
+ sid_copy(domain_sid, get_global_sam_sid());
+
+ info3-base.domain_sid = dom_sid_dup(mem_ctx, domain_sid);
+ if (info3-base.domain_sid == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* Admin rid */
+ info3-base.rid = DOMAIN_RID_ADMINISTRATOR;
+
+ /* Primary gid */
+ info3-base.primary_gid = dom_sid_parse_talloc(mem_ctx, SID_NT_SYSTEM);
+
+ return NT_STATUS_OK;
+}
+
static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 *info3)
{
@@ -898,6 +936,60 @@ done:
it.
/
+static NTSTATUS make_system_session_info_from_pw(TALLOC_CTX *mem_ctx,
+struct passwd *pwd,
+struct auth_session_info
**session_info)
+{
+ struct auth_serversupplied_info *server_info;
+ const char *domain = lp_netbios_name();
+ struct netr_SamInfo3 info3;
+ TALLOC_CTX *tmp_ctx;
+ NTSTATUS status;
+
+ tmp_ctx = talloc_stackframe();
+ if (tmp_ctx == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ZERO_STRUCT(info3);
+
+ status = get_system_info3(tmp_ctx, pwd, info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, (Failed creating system info3 with %s\n,
+ nt_errstr(status)));
+ goto done;
+ }
+
+ status = make_server_info_info3(tmp_ctx,
+ pwd-pw_name,
+ domain,
+ server_info,
+ info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, (make_server_info_info3 failed with %s\n,
+ nt_errstr(status)));
+ goto done;
+ }
+
+ server_info-nss_token = true;
+
+ /* Now turn the server_info into a session_info with the full token etc
*/
+ status = create_local_token(mem_ctx, server_info, NULL, pwd-pw_name,
session_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, (create_local_token failed: %s\n,
+ nt_errstr(status)));
+ goto done;
+ }
+
+ talloc_free(server_info);
+ talloc_steal(mem_ctx, *session_info);
+
+ status = NT_STATUS_OK;
+done:
+ TALLOC_FREE(tmp_ctx);
+ return status;
+}
+
static NTSTATUS make_session_info_from_pw(TALLOC_CTX *mem_ctx,
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 5e6357b lib/ccan: add a missing dependency to 'execinfo' for
'backtrace()'
from 78af473 s3-auth: Rename to init_system_session_info().
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 5e6357b42149ad4504fdd7b05acd264d10fcbe67
Author: Stefan Metzmacher me...@samba.org
Date: Tue May 15 12:40:19 2012 +0200
lib/ccan: add a missing dependency to 'execinfo' for 'backtrace()'
metze
Autobuild-User: Stefan Metzmacher me...@samba.org
Autobuild-Date: Tue May 15 16:12:54 CEST 2012 on sn-devel-104
---
Summary of changes:
lib/ccan/wscript |4
1 files changed, 4 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ccan/wscript b/lib/ccan/wscript
index 59fe93a..24034bb 100644
--- a/lib/ccan/wscript
+++ b/lib/ccan/wscript
@@ -117,8 +117,12 @@ def configure(conf):
addmain=False, link=False, cflags=-Werror,
define='HAVE_WARN_UNUSED_RESULT')
+# backtrace could be in libexecinfo or in libc
+conf.CHECK_FUNCS_IN('backtrace backtrace_symbols', 'execinfo',
checklibc=True, headers='execinfo.h')
+
def build(bld):
bld.SAMBA_LIBRARY('ccan',
vnum=0.1-init-1161-g661d41f,
source=bld.path.ant_glob('*/*.c'),
+ deps='execinfo',
private_library=True)
--
Samba Shared Repository
autobuild: intermittent test failure detected
The autobuild test system has detected an intermittent failing test in the current master tree. The autobuild log of the failure is available here: http://git.samba.org/autobuild.flakey/2012-05-15-1810/flakey.log The samba3 build logs are available here: http://git.samba.org/autobuild.flakey/2012-05-15-1810/samba3.stderr http://git.samba.org/autobuild.flakey/2012-05-15-1810/samba3.stdout The source4 build logs are available here: http://git.samba.org/autobuild.flakey/2012-05-15-1810/samba4.stderr http://git.samba.org/autobuild.flakey/2012-05-15-1810/samba4.stdout The top commit at the time of the failure was: commit 5e6357b42149ad4504fdd7b05acd264d10fcbe67 Author: Stefan Metzmacher me...@samba.org Date: Tue May 15 12:40:19 2012 +0200 lib/ccan: add a missing dependency to 'execinfo' for 'backtrace()' metze Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue May 15 16:12:54 CEST 2012 on sn-devel-104
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 8ae354e s3: Remove some unused code
via c562a53 s3: Fix a likely cutpaste error
from 5e6357b lib/ccan: add a missing dependency to 'execinfo' for
'backtrace()'
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8ae354ed4e3443dce7678a4c0ad3bd034bf5305b
Author: Volker Lendecke v...@samba.org
Date: Tue May 15 13:37:25 2012 +0200
s3: Remove some unused code
Autobuild-User: Volker Lendecke v...@samba.org
Autobuild-Date: Tue May 15 18:24:10 CEST 2012 on sn-devel-104
commit c562a534c854388e860d0231aab5dad4f06dfe2c
Author: Volker Lendecke v...@samba.org
Date: Mon May 14 19:48:16 2012 +0200
s3: Fix a likely cutpaste error
---
Summary of changes:
source3/lib/util_malloc.c | 14 --
source3/smbd/lanman.c |2 +-
2 files changed, 1 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/util_malloc.c b/source3/lib/util_malloc.c
index faff9b0..ff78db6 100644
--- a/source3/lib/util_malloc.c
+++ b/source3/lib/util_malloc.c
@@ -40,20 +40,6 @@ void *malloc_(size_t size)
}
/
- Internal calloc wrapper. Not externally visible.
-/
-
-static void *calloc_(size_t count, size_t size)
-{
- if (size == 0 || count == 0) {
- return NULL;
- }
-#undef calloc
- return calloc(count, size);
-#define calloc(n,s) __ERROR_DONT_USE_CALLOC_DIRECTLY
-}
-
-/
Internal realloc wrapper. Not externally visible.
/
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 31775bf..ac2faa9 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -3145,7 +3145,7 @@ static bool api_SetUserPassword(struct
smbd_server_connection *sconn,
ZERO_STRUCT(old_lm_hash);
ZERO_STRUCT(new_lm_hash);
memcpy(old_lm_hash.hash, pass1, MIN(strlen(pass1), 16));
- memcpy(new_lm_hash.hash, pass1, MIN(strlen(pass2), 16));
+ memcpy(new_lm_hash.hash, pass2, MIN(strlen(pass2), 16));
}
status = dcerpc_samr_ChangePasswordUser(b, mem_ctx,
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 5f494c4 libcli/smb: move smb2cli_ioctl.c from source3 to the toplevel via c16e263 libcli/smb: move smb2cli_query_directory.c from source3 to the toplevel via b2d9c02 libcli/smb: move smb2cli_query_info.c from source3 to the toplevel via 22b76de libcli/smb: move smb2cli_set_info.c from source3 to the toplevel via 1d7c6bf libcli/smb: move smb2cli_flush.c from source3 to the toplevel via f50fc00 libcli/smb: move smb2cli_write.c from source3 to the toplevel via 269000b libcli/smb: move smb2cli_read.c from source3 to the toplevel via 4022edc libcli/smb: move smb2cli_close.c from source3 to the toplevel via 2674d0c libcli/smb: move smb2cli_create.c from source3 to the toplevel via 35b54ae s3:libsmb: avoid interpret_long_date() in smb2cli_create via b488567 s3:cli_np_tstream: include smbXcli_base.h, because we'll use functions from there from 8ae354e s3: Remove some unused code http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 5f494c424cf204c1b5164085aecb3ea54c1b0fa9 Author: Björn Baumbach b...@sernet.de Date: Tue May 15 12:24:38 2012 +0200 libcli/smb: move smb2cli_ioctl.c from source3 to the toplevel Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User: Stefan Metzmacher me...@samba.org Autobuild-Date: Tue May 15 20:17:01 CEST 2012 on sn-devel-104 commit c16e263d0e84c14e5a1dd45a2ec13a6972aa8885 Author: Björn Baumbach b...@sernet.de Date: Tue May 15 12:19:11 2012 +0200 libcli/smb: move smb2cli_query_directory.c from source3 to the toplevel Signed-off-by: Stefan Metzmacher me...@samba.org commit b2d9c02665c0a168f29c4fb51d2ba280547ad8c6 Author: Björn Baumbach b...@sernet.de Date: Tue May 15 12:14:47 2012 +0200 libcli/smb: move smb2cli_query_info.c from source3 to the toplevel Signed-off-by: Stefan Metzmacher me...@samba.org commit 22b76de2ffd25e580bd8db61748fa9a6cf62d153 Author: Björn Baumbach b...@sernet.de Date: Tue May 15 12:05:50 2012 +0200 libcli/smb: move smb2cli_set_info.c from source3 to the toplevel Signed-off-by: Stefan Metzmacher me...@samba.org commit 1d7c6bfd7ae02a0b026bb999b462dae4027c7d10 Author: Björn Baumbach b...@sernet.de Date: Tue May 15 12:00:19 2012 +0200 libcli/smb: move smb2cli_flush.c from source3 to the toplevel Signed-off-by: Stefan Metzmacher me...@samba.org commit f50fc00306768424dee0680f7f9cae7ff0b3dcd8 Author: Björn Baumbach b...@sernet.de Date: Tue May 15 11:11:24 2012 +0200 libcli/smb: move smb2cli_write.c from source3 to the toplevel Signed-off-by: Stefan Metzmacher me...@samba.org commit 269000b1b344fb04efe0f12ca455b584074139d3 Author: Björn Baumbach b...@sernet.de Date: Tue May 15 10:50:49 2012 +0200 libcli/smb: move smb2cli_read.c from source3 to the toplevel Signed-off-by: Stefan Metzmacher me...@samba.org commit 4022edc9064e7cde147f0c7cbd93b76db30fac4a Author: Stefan Metzmacher me...@samba.org Date: Tue May 15 10:26:25 2012 +0200 libcli/smb: move smb2cli_close.c from source3 to the toplevel metze commit 2674d0c458410a96d6e33e190a6924e857bbe8be Author: Stefan Metzmacher me...@samba.org Date: Tue May 15 10:23:54 2012 +0200 libcli/smb: move smb2cli_create.c from source3 to the toplevel metze commit 35b54ae5a9bf67373dc824fd2843411fee0aec72 Author: Stefan Metzmacher me...@samba.org Date: Tue May 15 11:27:23 2012 +0200 s3:libsmb: avoid interpret_long_date() in smb2cli_create metze commit b488567a18653e4f95ed68964ee5846aac8c3ca6 Author: Stefan Metzmacher me...@samba.org Date: Tue May 15 12:41:55 2012 +0200 s3:cli_np_tstream: include smbXcli_base.h, because we'll use functions from there metze --- Summary of changes: libcli/smb/smb2cli_close.c | 135 libcli/smb/smb2cli_create.c | 279 libcli/smb/smb2cli_flush.c | 131 libcli/smb/smb2cli_ioctl.c | 335 + libcli/smb/smb2cli_query_directory.c | 208 ++ libcli/smb/smb2cli_query_info.c | 251 ++ libcli/smb/smb2cli_read.c| 187 + libcli/smb/smb2cli_set_info.c| 182 libcli/smb/smb2cli_write.c | 161 ++ libcli/smb/smbXcli_base.h| 245 ++ libcli/smb/wscript_build |9 + source3/Makefile.in | 18 +- source3/libsmb/cli_np_tstream.c |1 + source3/libsmb/smb2cli.h | 245 -- source3/libsmb/smb2cli_close.c | 137
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 18e2e86 libwbclient: Fix an invalid free()
via e5825ab wbinfo: Fix Coverity ID 242684 Resource leak
via c5eab2e wbinfo: Fix Coverity ID 242685 Resource leak
via fc77ee5 s3: Fix Coverity ID 242710 Untrusted pointer read
via 2298622 dbwrap: Fix Coverity ID 242750 Incorrect sizeof expression
from 5f494c4 libcli/smb: move smb2cli_ioctl.c from source3 to the
toplevel
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 18e2e86c083fa1a24056e691a755bc45a35547d1
Author: Volker Lendecke v...@samba.org
Date: Tue May 15 19:58:26 2012 +0200
libwbclient: Fix an invalid free()
Autobuild-User: Volker Lendecke v...@samba.org
Autobuild-Date: Wed May 16 00:00:00 CEST 2012 on sn-devel-104
commit e5825ab22de75315e1af9cc58e79b9e2c3896226
Author: Volker Lendecke v...@samba.org
Date: Tue May 15 19:49:31 2012 +0200
wbinfo: Fix Coverity ID 242684 Resource leak
commit c5eab2e9acb66c0a8c48ababc0e495adb415aeeb
Author: Volker Lendecke v...@samba.org
Date: Tue May 15 19:48:42 2012 +0200
wbinfo: Fix Coverity ID 242685 Resource leak
commit fc77ee51717d3ca8e7d50ff46f2738cee475a84f
Author: Volker Lendecke v...@samba.org
Date: Tue May 15 19:26:48 2012 +0200
s3: Fix Coverity ID 242710 Untrusted pointer read
According to susv3 we have to make sure that we call isupper with
values only in the range of an unsigned char. This is best achieved
by automatic narrowing through assignment.
commit 229862224301e3fa3fc30cd495a7ff9ee7ca4b60
Author: Volker Lendecke v...@samba.org
Date: Tue May 15 18:51:06 2012 +0200
dbwrap: Fix Coverity ID 242750 Incorrect sizeof expression
Taking the size of db is correct, but a bit fishy. Silence Coverity.
---
Summary of changes:
lib/dbwrap/dbwrap_rbt.c|2 +-
nsswitch/libwbclient/wbc_sid.c |2 +-
nsswitch/wbinfo.c |2 ++
source3/utils/net_registry_check.c |2 +-
4 files changed, 5 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/dbwrap/dbwrap_rbt.c b/lib/dbwrap/dbwrap_rbt.c
index c25ea6e..d468953 100644
--- a/lib/dbwrap/dbwrap_rbt.c
+++ b/lib/dbwrap/dbwrap_rbt.c
@@ -411,7 +411,7 @@ static int db_rbt_trans_dummy(struct db_context *db)
static void db_rbt_id(struct db_context *db, const uint8_t **id, size_t *idlen)
{
*id = (uint8_t *)db;
- *idlen = sizeof(db);
+ *idlen = sizeof(struct db_context *);
}
struct db_context *db_open_rbt(TALLOC_CTX *mem_ctx)
diff --git a/nsswitch/libwbclient/wbc_sid.c b/nsswitch/libwbclient/wbc_sid.c
index 6df8a3c..bab6933 100644
--- a/nsswitch/libwbclient/wbc_sid.c
+++ b/nsswitch/libwbclient/wbc_sid.c
@@ -295,7 +295,7 @@ static void wbcTranslatedNamesDestructor(void *ptr)
struct wbcTranslatedName *n = (struct wbcTranslatedName *)ptr;
while (n-name != NULL) {
- free(n-name);
+ wbcFreeMemory(n-name);
n += 1;
}
}
diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index e7f902f..3f7036d 100644
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -1389,6 +1389,8 @@ static bool wbinfo_lookup_sids(const char *arg)
domains[names[i].domain_index].short_name,
names[i].name, names[i].type);
}
+ wbcFreeMemory(names);
+ wbcFreeMemory(domains);
return true;
}
diff --git a/source3/utils/net_registry_check.c
b/source3/utils/net_registry_check.c
index 8d1a91c..6e455db 100644
--- a/source3/utils/net_registry_check.c
+++ b/source3/utils/net_registry_check.c
@@ -788,7 +788,7 @@ static int check_tdb_action(struct db_record *rec, void
*check_ctx)
}
if (invalid_path) {
- int action;
+ unsigned char action;
if (ctx-opt.output == NULL) {
action = first_iter ? 'r' : 's';
} else if (ctx-opt.automatic) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via b6e3608 build: Add explicit mention of --abi-check-disable to ABI
checker
from 18e2e86 libwbclient: Fix an invalid free()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit b6e36089e5bd43baeb41e8299ad8970b1cd32c88
Author: Andrew Bartlett abart...@samba.org
Date: Tue May 15 23:03:31 2012 +1000
build: Add explicit mention of --abi-check-disable to ABI checker
This information has always been in the linked wiki page, but put it
in the build to unblock developers using platforms with slightly
different GDB output.
We can also assist this by improving the string normalisiation in the
ABI checker when example errors are provided.
It is better to build with the waf build and the full testsuite than
to avoid the waf build or not to use the developer options simply to
skip the ABI checker.
Andrew Bartlett
Autobuild-User: Andrew Bartlett abart...@samba.org
Autobuild-Date: Wed May 16 01:53:42 CEST 2012 on sn-devel-104
---
Summary of changes:
buildtools/wafsamba/samba_abi.py |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_abi.py b/buildtools/wafsamba/samba_abi.py
index c51e08c..2966d7c 100644
--- a/buildtools/wafsamba/samba_abi.py
+++ b/buildtools/wafsamba/samba_abi.py
@@ -109,7 +109,7 @@ def abi_check_task(self):
got_error = True
if got_error:
-raise Utils.WafError('ABI for %s has changed - please fix library
version then build with --abi-update\nSee
http://wiki.samba.org/index.php/Waf#ABI_Checking for more information' %
libname)
+raise Utils.WafError('ABI for %s has changed - please fix library
version then build with --abi-update\nSee
http://wiki.samba.org/index.php/Waf#ABI_Checking for more information\nIf you
have not changed any ABI, and your platform always gives this error, please
configure with --abi-check-disable to skip this check' % libname)
t = Task.task_type_from_func('abi_check', abi_check_task, color='BLUE',
ext_in='.bin')
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via bfe4a2b Fix the overwriting of errno before use in a DEBUG
statement and use the return value from store_acl_blob_fsp rather than ignoring
it.
from b6e3608 build: Add explicit mention of --abi-check-disable to ABI
checker
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit bfe4a2baeec6bc4558a617ec67532ea11f865861
Author: Richard Sharpe realrichardsha...@gmail.com
Date: Tue May 15 07:47:14 2012 -0700
Fix the overwriting of errno before use in a DEBUG statement and use the
return value from store_acl_blob_fsp rather than ignoring it.
Autobuild-User: Richard Sharpe sha...@samba.org
Autobuild-Date: Wed May 16 03:43:41 CEST 2012 on sn-devel-104
---
Summary of changes:
source3/modules/vfs_acl_common.c |7 +--
source3/modules/vfs_acl_xattr.c |6 +++---
2 files changed, 8 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/modules/vfs_acl_common.c b/source3/modules/vfs_acl_common.c
index 241bc8f..221b43f 100644
--- a/source3/modules/vfs_acl_common.c
+++ b/source3/modules/vfs_acl_common.c
@@ -592,10 +592,13 @@ static NTSTATUS fset_nt_acl_common(vfs_handle_struct
*handle, files_struct *fsp,
NDR_PRINT_DEBUG(security_descriptor,
discard_const_p(struct security_descriptor, psd));
}
+ /*
+* Perhaps create_acl_blob should have a status return as well
+*/
create_acl_blob(psd, blob, XATTR_SD_HASH_TYPE_SHA256, hash);
- store_acl_blob_fsp(handle, fsp, blob);
+ status = store_acl_blob_fsp(handle, fsp, blob);
- return NT_STATUS_OK;
+ return status;
}
static int acl_common_remove_object(vfs_handle_struct *handle,
diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c
index 5653657..c1b0a60 100644
--- a/source3/modules/vfs_acl_xattr.c
+++ b/source3/modules/vfs_acl_xattr.c
@@ -119,12 +119,12 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct
*handle,
}
unbecome_root();
if (ret) {
- errno = saved_errno;
DEBUG(5, (store_acl_blob_fsp: setting attr failed for file %s
with error %s\n,
fsp_str_dbg(fsp),
- strerror(errno) ));
- return map_nt_error_from_unix(errno);
+ strerror(saved_errno) ));
+ errno = saved_errno;
+ return map_nt_error_from_unix(saved_errno);
}
return NT_STATUS_OK;
}
--
Samba Shared Repository
